Check Point Security Management Reviews

We work with multiple clients managing their network firewalls. This includes many multi-national networks as well as local systems in the U.S.A. 

We primarily are utilizing these products for managing customer/client environments to modify access rules and other policies for controlling traffic to and from both internal and external networks as well as cloud-based Azure systems. 

Check Point management products are in use in all these networks, including both standard Single Management Servers as well as Multi-Domain Management servers.

Check Point Security Management has always made it simple and easy to manage all our firewall systems and firewall policies. 

Check Point Security Management systems, both standard Single Management Servers as well as Multi-Domain Management servers, have made it very simple and easy to perform daily functions such as adding new user hosts or destination servers to existing firewall policy rules and successfully managing large corporate networks easily from both our office space or from remote worker systems.

We love the ability to monitor performance in real-time, and gather critical information about network flows and traffic. 

The controls for creating, modifying, and editing firewall policies, firewall configurations, and other system operations are very simple and seamless. Accessing and viewing logging from many firewalls worldwide is also made very simple and intuitive with the ability to see both an overall picture of the logging, as well as the ability to filter down to the most specific traffic flows.

Sometimes there are some performance issues that cause certain operations to run slowly, however, that may just be due to the hardware it is running on needing to be stronger. Check Point could possibly lighten up the software code so that it is not as resource-intensive and will run more smoothly on a variety of hardware and cloud or virtual machine platforms. 

More ability for users to generate reports for traffic flows, firewall performance factors like CPU, memory usage, total bandwidth consumption, and tracing heavy traffic (elephant) flows would also be great.

I've used the solution for over seven years.

So far, we have not experienced really serious issues with the stability of the platform.

Check Point Security Management is pretty robust at allowing the management of large numbers of firewalls - especially the Multi-Domain systems.

Though we do not need to utilize the support services often, they have always been prompt and courteous, and definitely knowledgeable.

Positive

Some of our clients have switched from other firewall solutions such as Fortinet or Palo Alto, however, they were not happy with these systems for various reasons.

These systems are pretty straightforward to install and implement.

Check Point seems to be reasonable with its pricing, and competitive in the market.

Sometimes our clients look at other options such as Palo Alto, or even a blend of these and Check Point.

We use Check Point Security Gateway GAIA R 80.40 as our secure gateway firewall. We have configured two gateways as active-passive in cluster mode. We also use R 80.40 as our security management server to configure the policies on the firewall. We use it primarily to control traffic and secure our network perimeter against unknown attacks. The different rules and policies for the SSL VPN connections are configured on the mobile access blade. We use the policies to segregate and filter the traffic flow. 

Check Point Security Management GAIA R 80.40 tremendously helped us in securing our network perimeter against various threats. 

We have used the access rules and application/URL filtering blades to filter and restrict unwanted traffic. 

The IPS blade, Antivirus blade, Anti-bot blade, Threat Emulation blade, and Threat Prevention blades are helping us tremendously in preventing attacks and thus take care of the threats at the gateways themselves. 

At the time of COVID, the Mobile Access blade has helped greatly in the smooth running of production.

We have found all the security blades very helpful. The IPS blade, Antivirus blade, Anti-bot blade, Threat Emulation blade, and Threat Prevention blades have been most useful in securing the network. 

With the antivirus, IPS, and Anti-bot blades signatures being automatically updated regularly on a daily/hourly basis, the network is always safe. 

The URL and Application Filter blade offers a daily update of the database which helps us control the traffic. 

Mobile access has helped us cater to more than 4000 users so that they can work from home.

The Security Management server could be improved. If it provided an inbuilt authenticator for multifactor authentication, that would be ideal. Currently, we have to depend on a third party for multifactor authentication. 

It would help us greatly in securing the remote access users if Mac binding can be done for remote access VPN users in mobile. It would be helpful if we could enable URL and application traffic control remote access. 

The logging and reporting are good, but it would be helpful if more report templates were available.

I have been using Check Point Security Gateway for more than 7 years.

The stability is great.

The scalability is great.

Technical support is good.

Positive

The company has been using Check Point for a long time. It's been more than 10 years. I have been with the company for past 7 Years.

The initial setup is straightforward.

We had assistance from our Vendor Team (ISecurenet). They are very good.

Our ROI has been above expectations.

The price is high but worth it.

Check Point is one of the top leaders in security solutions.

I am using Check Point to secure my home office because I'm doing all my work from home. 

The company uses software called Harmony. Check Point integrates nicely, whether on an endpoint or mobile device. It integrates well with the firewall and can give me reports that I can check without going to an online portal.

You need some technical expertise to use the solution. I don't think it's accessible to the typical end-user. You need to access the box and use some command lines or the web interface. It would be nice to have a user-friendly dashboard and comprehensive reporting. 

I started using Check Point last year.

I contacted Check Point because the device wasn't logging into the portal to download the license I purchased. It took them about three days to answer.

I was using Untangled and switched to Sophos. I decided after a year that Sophos wasn't for me, so I tried Check Point. 

It took me about two hours to do the initial installation, but the total deployment took a day. I did it myself and found it somewhat complicated. You need to know what you're doing. Check Point doesn't provide enough guidance and assumes you know everything. 

I pay for a yearly license, but you have the option of a three-year or a five-year license. 

I rate Check Point Security Management seven out of 10. I recommend it if you're a technical person experienced in WFM security devices. 

We needed a solution that would be in the cloud or on-premise, that would centralize the equipment, and that would help us comprehensively manage each of the appliances that we were going to place in the four branches that we manage. Starting from that premise, we started with Check Point Security Management being the number one solution as it was pioneering in managing multiple computers simultaneously. This tool helped us to be more efficient and better at controlling risk with our hybrid cloud.

Starting from the need for our teams to be in the cloud and on-premises data centers, we decided on centrally securing and managing all these environments, making them easier, and more user-friendly, and their policy configuration, management of blades in the appliances, and management completely remote. 

Among its value, we can say that it helps us administrators have less administrative management burden in each appliance that must be configured and managed. Another fact is that its version can be on-premise or cloud and this cloud version helps us lower costs.

Being able to install a version of Check Point Security Management helps us avoid the expense of creating a server dedicated to that function, and we save on equipment and technical personnel in installing it, which in the end accelerates the administration and management of equipment to connect to it. 

Among its advantages and features that add value is managing teams both on-premise and in the cloud, regardless of the type of cloud. It helps to have and use a solution that adapts to environments and is easy to manage and configure. 

Among the things that I would like in the future is for the solution to have its application on Android and iOS, as many of the administrators have adopted remote administration positions due to what has happened since the pandemic. This would help us to have an easier and simpler administration. I believe that these mobile solutions are part of the technological evolution and the promising future that new technologies bring us; this will help us with future innovation and management.

I've used the solution for one year. 

With Security Management solution, we can manage and distribute security policies to firewall gateways. In large environment where there are dozens of Check Point appliances from Headquarter to branches, I deployed the Security Management with thousands of rules for an enterprise. I created different security packages for each gateway/cluster pair for administration purpose while maintaining separation and ease of policy installation. With every change request, we just need to configure the relating package and install to right gateways. Besides log dashboard in smartconsole is very useful and convenient for monitoring and tracking. It provides intuitive interface to search log, operation to filter is very to understand

With Check Point Security Management, we can:

- Manage and configure cluster for Check Point Gateways. Define security zones (internal, dmz, external) on interfaces.

- Add, modify, delete security rules, objects and install to gateways.

- Activate or de-activate blades like Mobile Access, IPS, URL Filtering, Application Control, Identity Awareness, Antivirus,... to the selected gateways and configure the security settings on them.

- Track and monitor security logs.

- send commands to the Management API. Supporting Management API helps automated tasks for daily operation or integrate with third-party solution SIEM/SOAR.

The most valuable feature is Management API. It has been supported since R80 and above. Why? For firewall administrators who handle many tasks daily on not only Check Point systems. They are flooded with their boring manual tasks but always got stuck with request tickets. For security analysts who work with numerous logs from many sources and take actions to stop attacks. Can analysist and protection be highly effective if they must take much time in implementing policies? All limitations above can be solved with Check Point Management API. The administrators can automate and improve their productivity in operation by scripting. The security analysts can immediately apply security settings on the firewall while saving their time and concentrate on their research job. This feature is very useful and Check Point works great job to support many security aspects with easy-to-understand guide.

In complex environment, the Security Management system manages many firewall gateways. There are thousands of security rules in the server and there are also other security settings about Check Point blades. Database in the server becomes large. Hence installing policy takes very long time to complete. Imagine that the administrators must process their daily tickets. They make configuration changes in Smart Console of Management Server for the first ticket, and while waiting for installation completion, then they receive the second ticket, a critical case, what should they do? This is only one of the situations that the administrators are facing in operation. Hope that Check Point can improve the processing time of installation.

More than 5 years

Check Point TAC team is very professional.

Positive

Only manage Check Point gateways by using Check Point Management Server. I used other firewall vendors like Cisco, Fortinet but Check Point is much better about stability and performance. So using central management for Check Point is best choice.

Easy of setup

I always implement by myself because it's very easy to implement.

The solution is used to manage security gateways. We use the management server to manage our firewalls, one at DR and the other at HQ. 

The Management servers are also used to manage security policies to determine who or what system should connect to what. This allows us to block applications that are not needed per department. For example, Facebook is blocked for everyone except the marketing team. This helps keep people more productive. We also use the rules to prevent users from visiting dangerous and illegal sites.  

It has helped improve work in our organization. Check Point Management tracks a lot of activities on the network such as who is connecting to what sites and applications. 

It has also provided visibility into who is connecting to the corporate network via VPN and at what time which helps us keep unauthorized users away. 

The interface also makes it easy for us to configure the VPN from the GUI rather than the command line, which makes it easy even for less experienced engineers to work with. 

The management also gives visibility into licenses and device-related information to help track how long you have till licenses expire and the software and hardware health of devices. 

The smart event feature is the most valuable. The consolidated logs give full network visibility. 

The smart console has been able to provide us with good detailed information and reports ranging from bandwidth, risky applications, IPS reports, VPN reports, and infected hosts on the network. 

Reports help determine which machines may be infected with bots if they indicate that they were trying to connect to command and control servers, smart event helps determine these machines by IP address or username. 

The IPS also indicates what attacks and from where we're trying to hit our organization which helps us twerk our settings accordingly to have the most security we can get. 

It could improve by showing DNS-specific information for connections to unknown public IPs. 

Check Point could also improve management by not having applications for each version released because we have to install a new application for every version it is not very nice. They could do that by moving management to the web so that we do not have to install a client for every version. 

The fact that you have to connect to two different applications for management, does not make it the most usable. It could be great to have a system setting and policy setting done from one interface. 

I've been using the solution for four years.

It's a very stable solution and Check Point is always doing proactive support to avoid any future problems or failures. Checkpoint support fixes bugs that they discover before the implemented production systems are affected. By logging a call with the customer and helping them remediate problems before they occur. 

It is reasonably scalable as you are able to manage five gateways with one management server at entry-level.

The solution offers very good customer support. The engineers respond on time and are available to help even if it means setting up a call to help you in implementing the given instructions.

Positive

The initial setup was straightforward. The prompt to install and the setup guide will get you through the process. When you're unclear, there are plenty of online resources to help.

We did the implementation in-house.

The solution is definitely worth it as it helps put policies that help people focus more on work than play to use company resources more efficiently.

The application intervenes in security situations in the organization and launches advanced threat prevention measures. 

It has automated security controls that can predict and block malware attacks. 

It is backed by AI deep learning that offers intelligent information and scales performance to unlock hidden malicious behaviors. 

Data fraud cases have reduced since we set up this product as the main security assessment platform. 

Employees can safely browse and share files with their colleagues without fear of external interference.

We are satisfied with this application as it improves internet browsing security across the organization. 

Each department can easily share data with the management without fear of data compromise. 

It is more flexible than other solutions in the market as it can be deployed in both cloud and on-premise. 

It prevents members from logging in to unsecured sites and running links that may spread viruses to clean data. 

The set features are updated regularly to meet company demands and comply with set community guidelines.

The advanced security operational features help the business to identify weak points that can leak data to unauthorized personnel and take necessary precautions. 

Autonomous IoT Security monitors the performance of applications and equips them with safety measures to prevent risks and attacks. 

Deep learning threat prevention has blocked unsafe sites and phishing attacks from cyber attackers. 

It has audited the entire network and removed threat barriers that are used to slow down workflows. 

The cost of running this software has been reduced due to the modern automated version that can work faster without human intervention.

Overloading and access to many members simultaneously slow down performance, which can lead to security threats. 

New users working with this software find it hard to integrate effectively with other applications without the input of the customer support staff. 

It sometimes blocks safe sites when I am researching, affecting the overall output and wasting time. 

If the authorization commands are not well set, it slows down the working capacity of the Operating System. 

I love the current version with upgraded features that can block more attacks and protect our work environment.

I've used the solution for nine months.

The innovative security enhancement models have helped us in curbing most online threats.

There is improved security in communication and internet browsing.

We have achieved most of the set goals due to customer service team transparency and assistance.

Positive

This solution has been awesome and offers excellent functionalities.

The setup was relatively complex. That said, the customer service team provided enough assistance.

The vendor team was responsible for setting up everything.

The measured ROI has improved from 30% to 55% from the deployment period.

The setup and pricing costs are favorable to many business enterprises.

I have no interest in other applications.

This is the best platform for reducing phishing and blocking malware attacks.

We use the solution for ensuring the on-premise and cloud-based infrastructure through the Check Point gateway solution. We're applying the solution to the endpoint and running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance. 

As compared to the other vendors like CISCO ASA, Juniper, and other vendors it's nice to see maximum futures in the single firewall. The site and remote VPN deployment are very easy and troubleshooting the issues is also very easy.

The cluster solution made our job easier any fault to the device will not halt entire internet connectivity. In that case of the performance, we have zero-downtime upgrades and VPN solution deployments.

Check Point Software Technologies (Check Point for short) is a company operating exclusively in the field of Information Security and covering four main areas:

1. Network Security on the perimeter and inside Data Centers.
2. Cloud Security: Public, Private, and Hybrid.
3. Endpoint Security for both Windows and Macs.
4. Mobile Security for Android and iOS devices.

The solution offers ClusterXL, Secure XL, and Core XL.

When working with it, you will encounter three main components: Security gateway, security management server, and Smart Console. 

Customer support is very good and they have depth knowledge on the particular technology which helps us in fixing the problems ASAP. 

Remote and site-site VPNs we can easily deployable and maintenance  upgrade of the tunnel parameters becomes very easy as this is having the simple smart console access to the gateways. 

Also the multi-domain smart dashboard is another capability to manage multiple firewall through the single console.

The application filtering and URL filtering could be better.

They need to improve on this kind of technology as the Palo alto is ahead of the application-based and zero-trust-based approach also the cloud-based application control also user identification through the LDAP and other user directory settings to provide the proper solution.

Check Point has a complex range of reporting tools, some of which can take time to learn and be comfortable with. 

It is advised to make the processes simpler.

Need to have simple scripting and automation methodology to automate the networking operations.

I've used the solution for more than six years.

It's stable.

It's a good product that's scalable.

Technical support is nice.

Positive

I used Cisco ASA. Large-scale deployment and integration are very difficult in Cisco ASA.

The solution is straightforward.

We implemented it with the help of a vendor.

The ROI is good

I did evaluate ASA, Palo Alto, and Firepower solutions.